REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Ubiquiti Networks'
disclosed a bug submitted by
b'thenickdude'
b'Ability to log in as any user without authentication if ????????? is empty'
08 Aug 2017
b'Rockstar Games'
disclosed a bug submitted by
b'anshuman_bh'
b'Ability to post comments to a crew even after getting kicked out'
08 Aug 2017
b'Gratipay'
disclosed a bug submitted by
b'lovepakistan'
b'SPF Protection not used, I can hijack your email server'
08 Aug 2017
b'Gratipay'
disclosed a bug submitted by
b'anshad'
b'Sub domain take over in gratipay.com'
08 Aug 2017
b'Legal Robot'
disclosed a bug submitted by
b'goodhackonly'
b'2FA user enumeration via login'
08 Aug 2017
b'Mixmax'
disclosed a bug submitted by
b'faisal2542'
b'Public calendar link can be invisible'
07 Aug 2017
b'Ruby'
disclosed a bug submitted by
b'sandeep_hodkasia'
b'Open aws s3 bucket s3://rubyci'
06 Aug 2017
b'WakaTime'
disclosed a bug submitted by
b'asaxena2190'
b'Impersonation of Wakatime user using Invitation functionality.'
06 Aug 2017
b'Starbucks'
disclosed a bug submitted by
b'ynsy'
b'Full Api Access and Run All Functions via Starbucks App'
06 Aug 2017
b'Dropbox'
disclosed a bug submitted by
b'leovin'
b'Missing URL sanitization in comments can be leveraged for phishing'
04 Aug 2017
b'Khan Academy'
disclosed a bug submitted by
b'utkarsh123'
b'Password Functionality not working correctly'
03 Aug 2017
b'Rockstar Games'
disclosed a bug submitted by
b'netfuzzer'
b'CSRF Vulnerability allows attackers to steal SocialClub private token.'
03 Aug 2017
b'Kaspersky Lab'
disclosed a bug submitted by
b'huntman'
b'In App purchase Hack '
03 Aug 2017
b'Phabricator'
disclosed a bug submitted by
b'luke081515'
b'Credential gets exposed'
02 Aug 2017
b'Coinbase'
disclosed a bug submitted by
b'mohammad_obaid'
b'Device confirmation Flaw'
02 Aug 2017
b'Revive Adserver'
disclosed a bug submitted by
b'pavanw3b'
b'Reflected XSS in Step 2 of the Installation'
02 Aug 2017
b'Revive Adserver'
disclosed a bug submitted by
b'pavanw3b'
b'Stored XSS on Admin Access Page - Email field'
02 Aug 2017
b'Revive Adserver'
disclosed a bug submitted by
b'pavanw3b'
b'Reflected XSS on Zones > Invocation Code'
02 Aug 2017
b'Revive Adserver'
disclosed a bug submitted by
b'pavanw3b'
b'Weak Forgot Password implementation'
02 Aug 2017
b'Boozt Fashion AB'
disclosed a bug submitted by
b'ramsexy'
b'Email link poisoning / Host header attack'
01 Aug 2017
1
...
525
526
527
528
529
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM
